Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 14:46:07, on 31.08.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17801)
FIREFOX: 40.0.2 (x86 de)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\DATEV\PROGRAMM\B0000398\SiPaHost.exe
D:\OO Software\DiskImage\ooditray.exe
C:\Program Files\Sophos\AutoUpdate\ALMon.exe
C:\DATEV\PROGRAMM\A0000007\DHNC.exe
C:\DATEV\PROGRAMM\Sws\LiMaServer.exe
C:\DATEV\SYSTEM\rzpjwtch.exe
C:\DATEV\PROGRAMM\SWS\LiMaService.exe
C:\DATEV\PROGRAMM\Install\DvInesASDMon.exe
C:\Windows\System32\mobsync.exe
C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe
C:\Windows\system32\conhost.exe
C:\DATEV\PROGRAMM\DFUEISDN\sslclt\sslclt.exe
C:\Windows\system32\conhost.exe
C:\DATEV\PROGRAMM\B0000299\as\as.exe
C:\DATEV\PROGRAMM\B0000299\as\as.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\DATEV\PROGRAMM\K0005000\Arbeitsplatz.exe
C:\DATEV\PROGRAMM\K0005003\Datev.Sdd.DataServer.exe
C:\DATEV\SYSTEM\NUKO\NKWLOGIN.EXE
C:\DATEV\PROGRAMM\D0100000\Datev.Framework.RemoteServiceModel.GenericService2010.exe
C:\Windows\system32\conhost.exe
C:\DATEV\PROGRAMM\K0005002\Datev.Sdd.Ui.EditHost.StartupService.exe
C:\DATEV\PROGRAMM\RWAPPLIC\IRW.exe
C:\DATEV\SYSTEM\DvReweDzsMSTR030A.EXE
I:\HijackThis 2.0.5 beta\hijackthis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: (no name) - {557F4852-8868-44dd-B5E9-9890AC4B1FD5} - (no file)
O2 - BHO: DtvIePwdSafe - {6EF6B546-25FB-455B-801F-FDB3B3D39F9E} - C:\DATEV\PROGRAMM\B0000397\DtvIePwdSafe.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (file missing)
O2 - BHO: DATEV Smartcard Browser Helper - {AF8CD625-E04A-4A8F-A90A-0C74846C2E30} - C:\DATEV\SYSTEM\DVCCSAScardBHO002.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Datev.CC.ControllerUserMode] C:\DATEV\PROGRAMM\RZKOMM\Datev.CC.Processes.Cmd.exe StartRdtControllerUserMode -retry true
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SiPaHost] C:\DATEV\PROGRAMM\B0000398\SiPaHost.exe C:\DATEV\KONFIG\B0000398
O4 - HKLM\..\Run: [OODITRAY.EXE] D:\OO Software\DiskImage\ooditray.exe
O4 - HKLM\..\Run: [Sophos AutoUpdate Monitor] C:\Program Files\Sophos\AutoUpdate\almon.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - Global Startup: Basisschnittstelle Office Initialisierung.lnk = C:\DATEV\PROGRAMM\BSOffice\service\OfficeDiag.exe
O4 - Global Startup: CleanupPrintJobs.lnk = C:\DATEV\PROGRAMM\B0001401\CleanupPrintJobs.exe
O4 - Global Startup: DATEV-Hinweis Mitteilungsdienst.lnk = C:\DATEV\PROGRAMM\A0000007\DHNC.exe
O4 - Global Startup: Lizenz-Manager Server.lnk = C:\DATEV\PROGRAMM\Sws\LiMaServer.exe
O4 - Global Startup: RZ-Druckertreiber V.2.3.lnk = ?
O4 - Global Startup: SkyUserDevmode-Update.lnk = C:\DATEV\PROGRAMM\B0001401\UpdateDevmode.exe
O4 - Global Startup: Supero Doctor III Client.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = muehlenhof.intra
O17 - HKLM\Software\..\Telephony: DomainName = muehlenhof.intra
O17 - HKLM\System\CCS\Services\Tcpip\..\{E4FB5552-B0BB-4B24-8407-44EB9AF79A36}: NameServer = 8.8.8.8,192.168.0.106,195.202.32.79,195.202.33.68
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = muehlenhof.intra
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = muehlenhof.intra
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: DATEV Update-Service - DATEV eG - C:\DATEV\PROGRAMM\INSTALL\DvInesASDSvc.Exe
O23 - Service: DATEV DFÜ-Dienst (Datev.CC.Processes.Hosting.RdtServiceMode) - DATEV eG - C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe
O23 - Service: DATEV Connection Service (Datev.Database.Conserve) - DATEV eG - C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe
O23 - Service: DATEV DFL-Service-Manager (Datev.Framework.RemoteServiceModel.EnablerService) - DATEV eG - C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe
O23 - Service: DATEV DFL Infrastruktur-Dienst (Datev.Framework.RemoteServices) - DATEV eG - C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe
O23 - Service: DATEV IRW ServiceProvider (Datev.Irw.ServiceProvider.HostXcut.Server) - DATEV eG - C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe
O23 - Service: DATEV Schnittstellensystem pro (Datev.Unternehmen.SystemComponents.ServiceBus.V0200.PlugIn) - Unknown owner - Datev.Framework.RemoteServiceModel.GenericService2010.exe (file missing)
O23 - Service: DATEV Schnittstellensystem pro V0300 (Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn) - Unknown owner - Datev.Framework.RemoteServiceModel.GenericService2010.exe (file missing)
O23 - Service: DATEV Schnittstellensystem pro V0400 (Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn) - Unknown owner - Datev.Framework.RemoteServiceModel.GenericService2010.exe (file missing)
O23 - Service: DATEV Druckservice (DatevPrintService) - DATEV eG - C:\DATEV\PROGRAMM\B0001442\PSNTSERV.EXE
O23 - Service: DVckService - DATEV eG - C:\DATEV\PROGRAMM\B0000150\ScServer\DVckService.exe
O23 - Service: O&O Gateway Agent Service (GatewayAgentService) - O&O Software GmbH - C:\Program Files\OO Software\Shared\GatewayAgent\ooemcgats.exe
O23 - Service: Sentinel Local License Manager (hasplms) - SafeNet Inc. - C:\Windows\system32\hasplms.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: OO DiskImage - O&O Software GmbH - D:\OO Software\DiskImage\oodiag.exe
O23 - Service: Sophos Anti-Virus Statusreporter (SAVAdminService) - Sophos Limited - C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Limited - C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
O23 - Service: Sicherheitspaket-Dienst - DATEV eG - C:\DATEV\PROGRAMM\B0000398\SiPaHostService.exe
O23 - Service: Sophos Agent - Sophos Limited - C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe
O23 - Service: Sophos AutoUpdate Service - Sophos Limited - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: Sophos Message Router - Sophos Limited - C:\Program Files\Sophos\Remote Management System\RouterNT.exe
O23 - Service: Sophos Web Control Service - Sophos Limited - C:\Program Files\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
O23 - Service: SuperMicro Health Assistant - Unknown owner - C:\Program Files\SUPERMICRO\SDIII\NTService.exe
O23 - Service: Supero SD3Service Daemon - Unknown owner - C:\Windows\system32\SD3Service.exe
O23 - Service: Sophos Web Intelligence Service (swi_service) - Sophos Limited - C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
O23 - Service: Sophos Web Intelligence Update (swi_update) - Sophos Limited - C:\ProgramData\Sophos\Web Intelligence\swi_update.exe
O23 - Service: Xitami Web Server (Xitami) - Unknown owner - C:\Program Files\SUPERMICRO\SDIII\Xitami\xisrv32.exe

--
End of file - 11276 bytes